QLogic 8 Gb Intelligent Pass-thru Module for IBM BladeCenter ...

More documents

Recommendations

Info

4 – Network and Fabric ConfigurationManaging IP SecuritySIP Security ConceptsIP Security provides encryption-based security for IP version 4 communicationsthrough the use of security policies and associations. The security policy databaseis the set of all security policies configured on the switch. A security policy definesthe following parameters:• Connection source and destination• Data traffic direction: inbound or outbound• Protocols for which to protect data traffic• Security protocols; Authentication Header (AH) or Encapsulating SecurityPayload (ESP)• Level of protection: IP Security, discard, or nonePolicies can define security for host-to-host, host-to-gateway, andgateway-to-gateway connections; one policy for each direction. For example, tosecure the connection between two hosts, you need two policies: one foroutbound traffic from the source to the destination, and another for inbound trafficto the source from the destination. You can specify sources and destinations by IPaddresses or DNS host names. If a host name resolves to more than one IPaddress, the switch creates the necessary policies and associations. You canrecognize these dynamic policies and associations because their names beginwith DynamicSP_ and DynamicSA_ respectively.You can apply IP security to all communication between two systems, or to selectprotocols, such as ICMP, TCP, or UDP. Furthermore, instead of applying IPsecurity, you can choose to discard all inbound or outbound traffic, or allow alltraffic without encryption. Both the AH and ESP security protocols provide sourceauthentication, ensure data integrity, and protect against replay.A security association defines the encryption algorithm and encryption key toapply when called by a security policy. A security policy may call severalassociations at different times, but each association is related to only one policy.The security association database is the set of all security associations.IP Security configurations can be complex: it is possible to unintentionallyconfigure policies and associations that isolate a switch from all communication. Ifthis happens, you can disable IP Security by placing the switch in maintenancemode, and correct the problem through the serial port interface. Refer to theQLogic 8 Gb Intelligent Pass-thru Module and 20-Port 8 Gb SAN Switch Modules:Installation Guide for information about using maintenance mode and connectingthrough the serial port.4-6 59245-01 A
A4 – Network and Fabric ConfigurationManaging IP SecurityDisplaying IP Security InformationYou can display the security policy and security association databases in thefollowing ways:• Active policies and associations; that is, policies and associations currentlyin use• Configured policies and associations; that is, policies and associations thathave been saved in the database• Policies and associations that are being edited, but have not been savedYou can display the following types of IP Security configuration information:• Policy and Association Information• IP Security Configuration History• IP Security Configuration LimitsPolicy and Association InformationTo display general or specific policy and association information, enter theIpsec List command. The Ipsec List command does not require an Admin sessionnor an Ipsec Edit session. Within an Ipsec Edit session, the Ipsec Association Listand Ipsec Policy List commands display the same information.The following example displays all active policies and associations:QLogic8GbT #> ipsec listActive IPsec InformationSecurity Association Database-----------------------------h2h-sh-sah2h-hs-saSecurity Policy Database------------------------h2h-hs-sph2h-sh-spSummary-------Security Association Count: 2Security Policy Count: 259245-01 A 4-7
Page 2: QLogic 8 Gb Intelligent Pass-thru M
Page 6 and 7: QLogic 8 Gb Intelligent Pass-thru M
Page 8 and 9: QLogic 8 Gb Intelligent Pass-thru M
Page 10 and 11: 1 - IntroductionIntended AudienceS
Page 12 and 13: 1 - IntroductionTechnical SupportSN
Page 14 and 15: 2 - Command Line Interface UsageLog
Page 16 and 17: 2 - Command Line Interface UsageEnt
Page 18 and 19: 2 - Command Line Interface UsageCre
Page 20 and 21: 2 - Command Line Interface UsageDow
Page 22 and 23: 2 - Command Line Interface UsageDow
Page 25 and 26: A3 - User Account ConfigurationCrea
Page 27 and 28: 4 Network and FabricConfigurationNe
Page 29 and 30: A4 - Network and Fabric Configurati
Page 31: A4 - Network and Fabric Configurati
Page 45 and 46: 5 I/O Module ConfigurationI/O modul
Page 47 and 48: A5 - I/O Module ConfigurationDispla
Page 49 and 50: A5 - I/O Module ConfigurationDispla
Page 51 and 52: A5 - I/O Module ConfigurationManagi
Page 59 and 60: A5 - I/O Module ConfigurationResett
Page 61 and 62: A5 - I/O Module ConfigurationInstal
Page 63 and 64: A5 - I/O Module ConfigurationInstal
Page 65 and 66: A5 - I/O Module ConfigurationTestin
Page 67 and 68: A5 - I/O Module ConfigurationTestin
Page 71 and 72: 6 Port ConfigurationThis section de
Page 73 and 74: A6 - Port ConfigurationDisplaying P
Page 79 and 80: A6 - Port ConfigurationModifying Po
Page 81 and 82: A6 - Port ConfigurationMapping Tran
Page 83 and 84:
A6 - Port ConfigurationResetting a
Page 85 and 86:
A6 - Port ConfigurationTesting a Po
Page 87 and 88:
A6 - Port ConfigurationTesting a Po
Page 89 and 90:
7 Connection SecurityConfigurationT
Page 91 and 92:
A7 - Connection Security Configurat
Page 93 and 94:
8 RADIUS ServerConfigurationUser ac
Page 95 and 96:
A8 - RADIUS Server ConfigurationCon
Page 97 and 98:
9 Event Log ConfigurationThis secti
Page 99 and 100:
A9 - Event Log ConfigurationDisplay
Page 101 and 102:
A9 - Event Log ConfigurationClearin
Page 103 and 104:
A9 - Event Log ConfigurationLogging
Page 105 and 106:
10 Call Home ConfigurationThis sect
Page 107 and 108:
A10 - Call Home ConfigurationCall H
Page 109 and 110:
A10 - Call Home ConfigurationConfig
Page 111 and 112:
A10 - Call Home ConfigurationManagi
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
A10 - Call Home ConfigurationTestin
Page 121 and 122:
A10 - Call Home ConfigurationResett
Page 123 and 124:
11 Simple NetworkManagement Protoco
Page 125 and 126:
A11 - Simple Network Management Pro
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
12 Command ReferenceThis section de
Page 133 and 134:
A12 - Command ReferenceAdminAdminAu
Page 135 and 136:
A12 - Command ReferenceCallhomehist
Page 137 and 138:
A12 - Command ReferenceCallhomeThe
Page 139 and 140:
A12 - Command ReferenceCaptureCaptu
Page 141 and 142:
A12 - Command ReferenceCaptureThe f
Page 143 and 144:
A12 - Command ReferenceConfigdelete
Page 145 and 146:
A12 - Command ReferenceConfigThe fo
Page 147 and 148:
A12 - Command ReferenceCreateExampl
Page 149 and 150:
A12 - Command ReferenceDateDateAuth
Page 151 and 152:
A12 - Command ReferenceFeatureFeatu
Page 153 and 154:
A12 - Command ReferenceFirmware Ins
Page 155 and 156:
A12 - Command ReferenceHardresetHar
Page 157 and 158:
A12 - Command ReferenceHistoryHisto
Page 159 and 160:
A12 - Command ReferenceImageImageAu
Page 161 and 162:
A12 - Command ReferenceImageThe fol
Page 163 and 164:
A12 - Command ReferenceIpsechistory
Page 165 and 166:
A12 - Command ReferenceIpsec Associ
Page 167 and 168:
A12 - Command ReferenceIpsec Associ
Page 169 and 170:
A12 - Command ReferenceIpsec Listpo
Page 171 and 172:
A12 - Command ReferenceIpsec ListTh
Page 173 and 174:
A12 - Command ReferenceIpsec Policy
Page 175 and 176:
A12 - Command ReferenceIpsec Policy
Page 177 and 178:
A12 - Command ReferencePasswdPasswd
Page 179 and 180:
A12 - Command ReferenceProfileProfi
Page 181 and 182:
A12 - Command ReferenceProfileExamp
Page 183 and 184:
A12 - Command ReferencePsPsAuthorit
Page 185 and 186:
A12 - Command ReferenceResetResetAu
Page 187 and 188:
A12 - Command ReferenceResetNotesTh
Page 189 and 190:
A12 - Command ReferenceResetEnter S
Page 191 and 192:
A12 - Command ReferenceResetEnter t
Page 193 and 194:
A12 - Command ReferenceSet AlarmSet
Page 195 and 196:
A12 - Command ReferenceSet Config P
Page 197 and 198:
A12 - Command ReferenceSet Config P
Page 199 and 200:
A12 - Command ReferenceSet Config S
Page 201 and 202:
A12 - Command ReferenceSet Config T
Page 203 and 204:
A12 - Command ReferenceSet LogSet L
Page 205 and 206:
A12 - Command ReferenceSet LogInfoM
Page 207 and 208:
A12 - Command ReferenceSet Pagebrea
Page 209 and 210:
A12 - Command ReferenceSet PortSet
Page 211 and 212:
A12 - Command ReferenceSet Setup Ca
Page 213 and 214:
A12 - Command ReferenceSet Setup Ca
Page 215 and 216:
A12 - Command ReferenceSet Setup Ra
Page 217 and 218:
A12 - Command ReferenceSet Setup Ra
Page 219 and 220:
A12 - Command ReferenceSet Setup Se
Page 221 and 222:
A12 - Command ReferenceSet Setup Se
Page 223 and 224:
A12 - Command ReferenceSet Setup SN
Page 225 and 226:
A12 - Command ReferenceSet Setup SN
Page 227 and 228:
A12 - Command ReferenceSet Setup Sy
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
A12 - Command ReferenceSet Timezone
Page 237 and 238:
A12 - Command ReferenceShow AboutSh
Page 239 and 240:
A12 - Command ReferenceShow AlarmSh
Page 241 and 242:
A12 - Command ReferenceShow Backtra
Page 243 and 244:
A12 - Command ReferenceShow Chassis
Page 245 and 246:
A12 - Command ReferenceShow Config
Page 247 and 248:
A12 - Command ReferenceShow Interfa
Page 249 and 250:
A12 - Command ReferenceShow LogWarn
Page 251 and 252:
A12 - Command ReferenceShow MediaSh
Page 253 and 254:
A12 - Command ReferenceShow MediaEx
Page 255 and 256:
A12 - Command ReferenceShow MemShow
Page 257 and 258:
A12 - Command ReferenceShow PerfSho
Page 259 and 260:
A12 - Command ReferenceShow PerfExa
Page 261 and 262:
A12 - Command ReferenceShow PortSho
Page 263 and 264:
A12 - Command ReferenceShow PortTab
Page 265 and 266:
A12 - Command ReferenceShow PortExa
Page 267 and 268:
A12 - Command ReferenceShow Post Lo
Page 269 and 270:
A12 - Command ReferenceShow Setup M
Page 271 and 272:
A12 - Command ReferenceShow Setup R
Page 273 and 274:
A12 - Command ReferenceShow Setup S
Page 275 and 276:
A12 - Command ReferenceShow Setup S
Page 277 and 278:
A12 - Command ReferenceShow SwitchS
Page 279 and 280:
A12 - Command ReferenceShow SystemS
Page 281 and 282:
A12 - Command ReferenceShow Timezon
Page 283 and 284:
A12 - Command ReferenceShow Version
Page 285 and 286:
A12 - Command ReferenceShutdownShut
Page 287 and 288:
A12 - Command ReferenceSnmpv3userli
Page 289 and 290:
A12 - Command ReferenceTest CancelT
Page 291 and 292:
A12 - Command ReferenceTest PortExa
Page 293 and 294:
A12 - Command ReferenceTest SwitchT
Page 295 and 296:
A12 - Command ReferenceUptimeUptime
Page 297 and 298:
A12 - Command ReferenceUserNotesExa
Page 299 and 300:
A12 - Command ReferenceWhoamiWhoami
Page 301 and 302:
AMapping Port Locationsand Software
Page 303 and 304:
IndexAaccount namedisplay 12-166, 1
Page 305 and 306:
AQLogic 8 Gb Intelligent Pass-thru
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 314:
DCorporate Headquarters QLogic Corp
show all

QLogic 8 Gb Intelligent Pass-thru Module for IBM BladeCenter ...

Create successful ePaper yourself

Delete template?

Save as template?